Man-in-the-middle attacks represent a significant security threat to network communications.
FIG. 1 (a) schematically illustrates normal communications passing between a client device and a remote end point (such as a web server) over a communications network (for example a public network such as the Internet). A man-in-the-middle attack is an attack in which a third party (typically a malicious party) intercepts communications passing between the client device (or other communication initiating point) and the remote end point.
As illustrated schematically in FIG. 1 (b), the man-in-the-middle may intercept communications between the client device and remote end point but relay them on to their destination (indicated by the solid line arrows). In this form of attack the man-in-the-middle may simply be interested in obtaining a copy of the communications that are passing between the client device and remote end point. Alternatively, the man-in-the-middle may act to alter the communications before they are relayed.
In an alternative form of man-in-the-middle attack, the man-in-the-middle may masquerade as the intended remote end point, receiving communications from the client device and responding directly to the client device, without the communication ever reaching the remote end point (as indicated by the dashed line arrows).
In either of these scenarios, the man-in-the-middle in effect has control of the ‘conversation’ between the client device and the remote end point and can manipulate that ‘conversation’ to achieve their own, often malicious, ends. Meanwhile, the person using the client device remains oblivious to the attack and is under the impression that they are communicating as normal with the remote end point.
Initiating a man-in-the-middle attack against unencrypted communications is relatively straightforward. For this reason, it is commonplace to use certificate-based encrypted communications, especially where the information that is passing is sensitive or where the messages that are passing include instructions to initiate financial or other transactions, for example. The operation of certificate-based encryption, involving the exchange of public keys/certificates, is well known to the skilled person and will not be described here.
However, if an attacker is somehow able to get access to the private component of a certificate which is already trusted on the device, or alternatively deploys a certificate to the device, or uses social engineering to persuade the end user to trust a new root certificate, then a man-in-the-middle attack can also be launched against a supposedly secure connection.
Approaches have been proposed to secure communications (sent over a public network) against man-in-the-middle attacks. Known approaches require an additional exchange or transmission of information over a separate secure channel. One example of such an approach is “certificate pinning”.
Certificate pinning is an additional check in the normal TLS or SSL protocol and involves an independent check of the validity of the end point's certificate once it has been obtained from the end point. This involves checking the certificate against validation data that is typically integral with a specific application on the client device from which communications with the remote end point are initiated. Whilst this approach can provide an application specific counter-measure against man-in-the-middle attacks, it does not help secure communications initiated by other applications on the client device. A more generic protection against man-in-the-middle attacks would be beneficial.
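By way of illustration, the following added example (not part of the original text, and not any particular application's code) sketches the pinning check described above: normal TLS validation runs first, then the end point's certificate is compared against validation data embedded in the application. The names `connect_pinned`, `pin_matches` and `APP_PINS` are hypothetical, the byte strings standing in for certificates are constructed, and pinning the SHA-256 digest of the whole DER certificate is an assumed choice of validation data.

```python
import hashlib
import hmac
import socket
import ssl


class PinMismatch(Exception):
    """The end point's certificate matches none of the embedded pins."""


def fingerprint(der_cert: bytes) -> str:
    """SHA-256 digest (hex) of a DER-encoded certificate."""
    return hashlib.sha256(der_cert).hexdigest()


def pin_matches(der_cert: bytes, pins: frozenset) -> bool:
    """Independent check of the certificate against the application's pins."""
    presented = fingerprint(der_cert)
    matched = False
    for pin in pins:  # visit every pin; each comparison is constant-time
        matched |= hmac.compare_digest(presented, pin.lower())
    return matched


def connect_pinned(host: str, port: int, pins: frozenset, timeout: float = 10.0):
    """Open a TLS connection, then apply the pin check before any data is sent."""
    ctx = ssl.create_default_context()  # normal chain and hostname validation
    sock = socket.create_connection((host, port), timeout=timeout)
    try:
        tls = ctx.wrap_socket(sock, server_hostname=host)
    except Exception:
        sock.close()
        raise
    der = tls.getpeercert(binary_form=True)
    if der is None or not pin_matches(der, pins):
        # A certificate chaining to a newly trusted root passes the step
        # above; it is rejected here because it is not the pinned one.
        tls.close()
        raise PinMismatch(f"certificate for {host} matches no embedded pin")
    return tls


# Constructed stand-ins for DER certificates (not real certificates).
GENUINE_CERT = b"constructed-der: genuine remote end point"
INTERCEPTOR_CERT = b"constructed-der: issued under a rogue trusted root"

# Validation data carried inside this one application only.
APP_PINS = frozenset({fingerprint(GENUINE_CERT)})
```

Because `APP_PINS` is carried inside a single application, connections opened by other applications on the same device never pass through `pin_matches`.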